Package xpdf: Information

    Source package: xpdf
    Version: 4.05-alt1
    Build time:  May 5, 2024, 11:10 AM
    Category: Office
    Report package bug
    License: GPLv2 or GPLv3
    Summary: The PDF viewer and tools
    Description: 
    The Xpdf open source project includes a PDF viewer along with a
    collection of command line tools which perform various functions on
    PDF files.

    List of rpms provided by this srpm:
    xpdf (riscv64)
    xpdf-common (noarch)
    xpdf-desktop (noarch)
    xpdf-i18n (noarch)
    xpdf-utils (riscv64)
    xpdf-utils-debuginfo (riscv64)
    xpdf-viewer (riscv64)
    xpdf-viewer-debuginfo (riscv64)

    Maintainer: Andrew Savchenko


      1. cmake
      2. desktop-file-utils
      3. fontconfig-devel
      4. gcc-c++
      5. libcups-devel
      6. libfreetype-devel
      7. libpaper-devel
      8. libpng-devel
      9. librsvg-utils
      10. qt6-base-devel
      11. rpm-macros-cmake
      12. zlib-devel

    Last changed


    May 4, 2024 Andrew Savchenko 4.05-alt1
    - Update xpdf to version 4.05
    - Migrate to Qt6
    - Update Chinese simplifiend and Korean language files to version 2023-dec-05
    - Fix type1 urw fonts path (ALT bug 48335)
    - Fixes:
      - CVE-2018-7453 PDF object loop in AcroForm::scanField
      - CVE-2018-16369 PDF object loop in AcroForm::scanField
      - CVE-2019-9587 PDF object loop in Catalog::countPageTree
      - CVE-2019-9588 PDF object loop in Catalog::countPageTree
      - CVE-2019-16088 PDF object loop in Catalog::countPageTree
      - CVE-2022-30524 logic bug in text extractor led to invalid memory access
      - CVE-2022-30775 integer overflow in rasterizer
      - CVE-2022-33108 PDF object loop in Catalog::countPageTree
      - CVE-2022-36561 PDF object loop in AcroForm::scanField
      - CVE-2022-38222 logic bug in JBIG2 decoder
      - CVE-2022-38334 PDF object loop in Catalog::countPageTree
      - CVE-2022-38928 missing bounds check in CFF font converter caused null pointer dereference
      - CVE-2022-41842 PDF object loop in Catalog::countPageTree
      - CVE-2022-41843 missing bounds check in CFF font parser caused invalid memory access
      - CVE-2022-41844 PDF object loop in AcroForm::scanField
      - CVE-2022-43071 PDF object loop in Catalog::readPageLabelTree2
      - CVE-2022-43295 PDF object loop in Catalog::countPageTree
      - CVE-2022-45586 PDF object loop in Catalog::countPageTree
      - CVE-2022-45587 PDF object loop in Catalog::countPageTree
      - CVE-2023-2662 Divide-by-zero in Xpdf 4.04 due to bad color space object
      - CVE-2023-2663 PDF object loop in Catalog::readPageLabelTree2
      - CVE-2023-2664 PDF object loop in Catalog::readEmbeddedFileTree
      - CVE-2023-3044 Divide-by-zero in Xpdf 4.04 due to very large page size
      - CVE-2023-3436 Deadlock in Xpdf 4.04 due to PDF object stream references
    May 15, 2022 Andrew Savchenko 4.04-alt1
    - Version bump
    - Many bugfixes, including security, including:
      Fixes: CVE-2022-24106, CVE-2022-27135
    May 31, 2021 Arseny Maslennikov 4.03-alt1.1
    - NMU: spec: adapted to new cmake macros.